package com.bdqn.crm.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.jupiter.api.Test;

public class ShiroTester {

    @Test
    public void testMd5Hash() {
        String password = "admin";
        String salt = "czkt";
        Md5Hash md5Hash = new Md5Hash(password, salt);
        System.out.println(md5Hash.toString());
        //输出：36aa3e095a86925b7658b5d00557fa77
    }

    @Test
    public void testShiro() {
        //1、创建Realm(安全数据源)
        //通过shiro.ini配置文件创建Realm
        IniRealm realm = new IniRealm("classpath:shiro.ini");
        //2、配置SecurityManager
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        //注入创建的Realm(安全数据源)
        securityManager.setRealm(realm);
        SecurityUtils.setSecurityManager(securityManager);
        //注入创建的Realm(安全数据源)
        Subject subject = SecurityUtils.getSubject();
        //封装一个令牌
        UsernamePasswordToken token = new UsernamePasswordToken("admin", "123456");
        try {
            subject.login(token);   //登录，即认证
        } catch (AuthenticationException e) {
            System.out.println("认证异常:");
            e.printStackTrace();
        }
        System.out.println("是否认证通过:" + subject.isAuthenticated());
        System.out.println("身份信息:" + subject.getPrincipal());

        System.out.println("是否认证通过：" + subject.isAuthenticated());
        System.out.println("是否为管理员角色：" + subject.hasRole("管理员")); //判断是否为某角色
        System.out.println("是否能操作用户查看功能：" + subject.isPermitted("user:view")); //判断是否拥有某权限
        //也可使用check方法判断是否拥有某权限，但是失败的情况下会抛出 UnauthorizedException 异常
        subject.checkPermission("user:view");
    }

}
